Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/703902-7061-4ecb-9df1-c45620326491/1/xZKgYJDwFpQNMesbCbrhLZSxlbA.mft
File: xZKgYJDwFpQNMesbCbrhLZSxlbA.mft (raw, json)
Hash identifier: t2t8KeZG5plCvhfw4XfmSjvkkOqCoyjoykiXWLrJzaA=
Subject key identifier: 64:AF:3C:15:59:E3:E4:4B:69:89:98:88:CA:C2:F7:53:BE:20:C1:D6
Authority key identifier: C5:92:A0:60:90:F0:16:94:0D:31:EB:1B:09:BA:E1:2D:94:B1:95:B0
Certificate issuer: /CN=c592a06090f016940d31eb1b09bae12d94b195b0
Certificate serial: 0199FF90345A241035324A44F879F135C47C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xZKgYJDwFpQNMesbCbrhLZSxlbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/703902-7061-4ecb-9df1-c45620326491/1/xZKgYJDwFpQNMesbCbrhLZSxlbA.mft
Manifest number: 05C4
Signing time: Mon 20 Oct 2025 03:01:04 +0000
Manifest this update: Mon 20 Oct 2025 03:01:04 +0000
Manifest next update: Tue 21 Oct 2025 03:01:04 +0000
Files and hashes: 1: G68GMPXMUX3Qhn5n2oFwnwjBDXg.roa (hash: 6TErr3RLE+4ObuY83LCNvVHOw/1OAYj91Y93qk/e+tA=)
2: xZKgYJDwFpQNMesbCbrhLZSxlbA.crl (hash: ymng8CMDm2wnjzk0MH5gwWXzDWuHKnonjZ88jHdjy0c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/703902-7061-4ecb-9df1-c45620326491/1/xZKgYJDwFpQNMesbCbrhLZSxlbA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/703902-7061-4ecb-9df1-c45620326491/1/xZKgYJDwFpQNMesbCbrhLZSxlbA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xZKgYJDwFpQNMesbCbrhLZSxlbA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:90:34:5a:24:10:35:32:4a:44:f8:79:f1:35:c4:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c592a06090f016940d31eb1b09bae12d94b195b0
Validity
Not Before: Oct 20 03:01:04 2025 GMT
Not After : Oct 21 03:01:04 2025 GMT
Subject: CN=64af3c1559e3e44b69899888cac2f753be20c1d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b2:6f:7e:2c:d0:7c:f0:95:b4:a8:d6:44:6e:
53:a7:80:7a:5e:64:17:3b:7a:2e:c4:8f:ff:21:3c:
c6:b9:3f:e5:71:f5:cb:6f:6d:e5:f5:78:4a:d0:a1:
ce:c7:e1:c1:45:f9:03:04:ff:a8:fc:ba:1d:73:9c:
a1:43:15:28:8f:91:50:a0:48:47:ff:44:23:b2:63:
5d:05:d5:e2:98:54:c4:ec:8f:12:9a:27:6d:d4:ee:
f8:b8:8f:81:76:f4:27:26:36:5e:0e:ba:e1:19:76:
2c:e5:6e:35:8c:df:25:5c:95:41:6d:9e:8b:3f:4e:
ff:98:12:40:49:64:30:14:fd:93:cc:5e:62:0f:5e:
a8:2c:c6:db:46:65:93:a8:a5:70:5d:d7:06:39:71:
b7:bf:f5:93:08:58:e7:44:3e:26:48:25:15:58:95:
e1:c1:97:f5:6c:87:28:71:b1:a3:07:c2:28:00:63:
af:81:e0:fe:d7:15:2f:44:5c:de:0b:41:a9:58:02:
81:5c:3a:ec:3c:f0:c0:6d:6e:cc:f1:34:2e:d7:46:
a2:d5:24:82:1d:a8:14:24:76:40:45:db:99:93:a6:
8d:1c:34:4d:a3:6b:08:f6:82:b2:58:16:f7:53:44:
7c:4b:0a:9c:3b:2b:f1:de:ce:37:bf:26:e8:5b:c7:
7a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:AF:3C:15:59:E3:E4:4B:69:89:98:88:CA:C2:F7:53:BE:20:C1:D6
X509v3 Authority Key Identifier:
keyid:C5:92:A0:60:90:F0:16:94:0D:31:EB:1B:09:BA:E1:2D:94:B1:95:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZKgYJDwFpQNMesbCbrhLZSxlbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/703902-7061-4ecb-9df1-c45620326491/1/xZKgYJDwFpQNMesbCbrhLZSxlbA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/703902-7061-4ecb-9df1-c45620326491/1/xZKgYJDwFpQNMesbCbrhLZSxlbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6b:50:a9:32:e6:b3:4f:f7:b8:fc:3a:62:c2:5c:38:b7:d3:e3:
33:27:c4:fe:33:07:70:8e:69:8b:10:12:b3:3f:da:53:85:c3:
f9:61:ef:f0:af:c4:d5:24:aa:17:49:84:35:57:b8:e2:73:38:
aa:04:68:84:f4:32:bf:20:d8:7e:34:14:48:f9:67:b7:0b:b8:
83:b6:d1:28:ba:4c:2c:7d:6f:03:e1:7e:68:6f:ea:95:6b:da:
b1:63:e7:d4:23:84:5a:c5:ae:c1:e6:3e:8d:45:69:45:40:af:
05:bd:5f:37:c4:08:df:e1:9a:2f:2e:e9:9a:eb:80:c8:39:e1:
7c:77:af:c9:2a:f3:c9:7d:11:96:a5:c5:93:d0:d3:dc:57:a5:
ec:a7:d4:95:cb:ab:e5:7b:aa:0e:b9:86:5b:6a:e1:2e:1c:c0:
3d:ab:46:d0:8d:74:a8:7d:b3:38:f5:b4:72:30:4d:ea:5a:57:
4a:fb:1c:3b:1b:64:14:78:a7:c6:f7:e3:8f:de:c6:a5:75:aa:
5e:c2:7e:bb:0f:97:49:f2:20:3d:a7:47:8d:e5:a9:f1:cc:ba:
5f:6a:81:dc:59:3e:7e:cd:f1:ae:14:46:e2:78:c6:aa:1f:9d:
b3:bb:db:d2:18:5f:78:68:16:d6:7a:23:ef:4d:1f:a8:a9:b2:
0f:e4:11:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/kDRaJBA1MkpE+HnxNcR8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OTJhMDYwOTBmMDE2OTQwZDMxZWIxYjA5YmFlMTJkOTRi
MTk1YjAwHhcNMjUxMDIwMDMwMTA0WhcNMjUxMDIxMDMwMTA0WjAzMTEwLwYDVQQD
Eyg2NGFmM2MxNTU5ZTNlNDRiNjk4OTk4ODhjYWMyZjc1M2JlMjBjMWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLJvfizQfPCVtKjWRG5Tp4B6XmQX
O3ouxI//ITzGuT/lcfXLb23l9XhK0KHOx+HBRfkDBP+o/Lodc5yhQxUoj5FQoEhH
/0QjsmNdBdXimFTE7I8Smidt1O74uI+BdvQnJjZeDrrhGXYs5W41jN8lXJVBbZ6L
P07/mBJASWQwFP2TzF5iD16oLMbbRmWTqKVwXdcGOXG3v/WTCFjnRD4mSCUVWJXh
wZf1bIcocbGjB8IoAGOvgeD+1xUvRFzeC0GpWAKBXDrsPPDAbW7M8TQu10ai1SSC
HagUJHZARduZk6aNHDRNo2sI9oKyWBb3U0R8SwqcOyvx3s43vyboW8d6tQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGSvPBVZ4+RLaYmYiMrC91O+IMHWMB8GA1UdIwQY
MBaAFMWSoGCQ8BaUDTHrGwm64S2UsZWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFpLZ1lKRHdGcFFOTWVzYkNicmhMWlN4bGJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS83MDM5MDItNzA2MS00ZWNiLTlkZjEt
YzQ1NjIwMzI2NDkxLzEveFpLZ1lKRHdGcFFOTWVzYkNicmhMWlN4bGJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS83MDM5MDItNzA2MS00ZWNiLTlkZjEtYzQ1NjIwMzI2NDkx
LzEveFpLZ1lKRHdGcFFOTWVzYkNicmhMWlN4bGJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa1CpMuaz
T/e4/Dpiwlw4t9PjMyfE/jMHcI5pixASsz/aU4XD+WHv8K/E1SSqF0mENVe44nM4
qgRohPQyvyDYfjQUSPlntwu4g7bRKLpMLH1vA+F+aG/qlWvasWPn1COEWsWuweY+
jUVpRUCvBb1fN8QI3+GaLy7pmuuAyDnhfHevySrzyX0RlqXFk9DT3Fel7KfUlcur
5XuqDrmGW2rhLhzAPatG0I10qH2zOPW0cjBN6lpXSvscOxtkFHinxvfjj97GpXWq
XsJ+uw+XSfIgPadHjeWp8cy6X2qB3Fk+fs3xrhRG4njGqh+ds7vb0hhfeGgW1noj
700fqKmyD+QRbg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:13:32 2025 by rpki-client